In Linux there are the which and whereis commands showing you location of binaries included in $PATH # which lsof /usr/bin/lsof

# whereis lsof
lsof: /usr/bin/lsof /usr/share/man/man8/lsof.8.gz

so question arises what is which / whereis command Linux commands Windows equivalent?

In older Windows Home / Server editions – e.g. – Windows XP, 2000, 2003 – there is no standard installed tool to show you location of windows %PATH% defined executables. However it is possible to add the WHERE command binary by installing Resource Kit tools for administrative tasks.

Query lists all queries in a Oracle table schema. Alternavite shorter way to do the query is via:

SQL> SELECT table_name FROM user_tables;

SQL> SELECT * FROM TAB;

Shows your own schema's all tables and views.

Other oracle useful query is the Oracle equivalent of MySQLSHOW TABLES;

SQL> SELECT table_name FROM user_tables;

It will also output info only for logged in user credentials, if you're logged in as oracle database administrator (DBA role) account and you would like to check what Instances are owned by any user lets say user GEORGI query should be;

I needed to import Oracle data dump on a Linux host. To do so on Linux using console its necessary to have installed sqlplus client sqlplus is part of Oracle database product. So you will need to have Oracle priorly installed on host. Latest sqlplus Client binaries from Oracle are here. As of time of writting latest client is oracle-instantclient12.1-basic-12.1.0.1.0-1.i386.rpm
Unfortunately currently from oracle's site oracle-instantclient is only available in RPM and ZIP format. So Debian and Ubuntu users will have to install it either by downloading zip and unarchiving somewhere or using alien (deb rpm install) tool.
As a pre-requirement to install on Debian or deb based Linuces its necessary to install libaio1

I'm following a training intensive 5 days course for Oracle WebLogic. Some of exercises included stopping / starting Weblogic App server for security reasons Weblogic is designed to always propmpt for password. I remember similar behavior in Apache configured to use SSL certificate.
Whether a new Weblogic server is configured and a frequent restart of server is needed having to write the password each and everyime is mostly annoying. Thanksfully there is a file called boot.properties in which username / password can be hardcoded and later red on Weblogic start. As boot.properties contains security credentials its very important to keep the file as secured as possible. boot.properties files can be set-up for each different configured separate Weblogic server instance.

If a new password has to be set to a passwordless mysql server, the command to be issued is:

linux:~# /usr/bin/mysqladmin -u root password PASSWORD_STRING

Changing the MySQL password is also possible with mysql cli, after connecting to the sql server, though this method is a bit more time consuming. Here is how to do it from mysql console:

linux:~# mysql -u root -p
Server version: 5.1.49-3 (Debian)

Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license

Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the current input statement.
mysql> use mysql;
mysql> update user set password=PASSWORD(“NEW_PASSWORD”) where User=’root’;mysql> flush privileges;

This brute force dictionary attacks often succeed where there is a user with a weak a password, or some old forgotten test user account.
Just recently on one of the servers I administrate I have catched a malicious attacker originating from Romania, who was able to break with my system test account with the weak password tset .

Thanksfully the script kiddie was unable to get root access to my system, so what he did is he just started another ssh brute force scanner to crawl the net and look for some other vulnerable hosts.

As you read in my recent example being immune against SSH brute force attacks is a very essential security step, the administrator needs to take on a newly installed server.

The easiest way to get read of the brute force attacks without using some external brute force filtering software like fail2ban can be done by:

1. By using an iptables filtering rule to filter every IP which has failed in logging in more than 5 times

This iptables rules will filter out the SSH port to an every IP address with more than 5 invalid attempts to login to port 22

2. Getting rid of brute force attacks through use of hosts.deny blacklists

sshbl – The SSH blacklist, updated every few minutes, contains IP addresses of hosts which tried to bruteforce into any of currently 19 hosts (all running OpenBSD, FreeBSD or some Linux) using the SSH protocol. The hosts are located in Germany, the United States, United Kingdom, France, England, Ukraine, China, Australia, Czech Republic and setup to report and log those attempts to a central database. Very similar to all the spam blacklists out there.

To use sshbl you will have to set up in your root crontab the following line:

These crontab will download and substitute your system default hosts with the one regularly updated on sshbl.org , thus next time a brute force attacker which has been a reported attacker will be filtered out as your Linux or Unix system finds out the IP matches an ip in /etc/hosts.deny

The /etc/hosts.deny filtering rules are written in a way that only publicly known brute forcer IPs will only be filtered for the SSH service, therefore other system services like Apache or a radio, tv streaming server will be still accessible for the brute forcer IP.

It’s a good practice actually to use both of the methods 😉
Thanks to Static (Multics) a close friend of mine for inspiring this article.